Bookeo NOT affected by Heartbleed bug

3 days ago a major vulnerability has been uncovered in OpenSSL, a popular software library used in many Heartbleed bug“.
web sites to encrypt communications with browsers. This has been commonly referred to as the ”

This is a potentially dangerous vulnerability, and has been widely reported in mainstream media.

Unfortunately some media reports have been rather misleading and alarmist, and in some cases even alerted that “the whole Internet is affected”. Although an attention-grabbing headline, this is incorrect.

Many of our customers have recently contacted us worried about this issue and the reports they’ve read.

It is important to know that the vulnerability does not affect the SSL protocol itself, which is the mechanism by which web browsers and web servers encrypt their communication.

This vulnerability only affects a software library, called OpenSSL, that many web sites use to implement SSL encryption.

So a web site is affected by this bug only if it uses OpenSSL for its data encryption. Unfortunately there are many such web sites, but they’re certainly not all the web sites out there.

To reassure our customers: Bookeo does not use, and has never used, OpenSSL for its communication encryption. So Bookeo is NOT affected by the “Heartbleed Bug”.

We recommend however to enquire about this issue with your web hosting company, your mail service provider, your payment gateway, and any other online service that you regularly use, as they may have been affected by this bug.

A change of password may be a good idea (it is always a good idea to change passwords regularly, anyway!)

On our end, all our servers are tested every day for vulnerabilities from a third party security scanner, and we have also collaborated (and will continue to do so) with “white hat” hackers to probe our systems for possible other complex vulnerabilities. Security is an ongoing process, and we’ll keep working to monitor developments in this space.